Syrian Electronic Army, a hacking group responsible for several visible attacks in the last few weeks, has evidently taken control of BSkyB's Sky apps in the Play Store, replacing the promo headers with SEA's logo, and the app descriptions with "Syrian Electronic Army Was Here."

In a tweet earlier, BSkyB's Twitter account (which we now know was also compromised) warned its users to uninstall all Sky apps, as they "were hacked and replaced." Indeed, BSkyB's apk files were replaced by the hacking group.

UPDATE: All Sky's Android apps were hacked and replaced... please uninstall it, And we will let you know when it will be available

— Sky Help Team (@SkyHelpTeam) May 26, 2013

Syrian Electronic Army, the group behind the infiltration, is also responsible for attacks on the Washington Post, Al Jazeera, Human Rights Watch, Financial Times, the Onion and many others (including Twitter accounts belonging to ITV and BBC Weather), and are "enemies of Anonymous," according to an interview reported on Vice. Earlier today, it was reported that the group attempted an attack on the water system in Haifa, a city in northwestern Israel.

So, how did the attack happen? The most likely answer is that the SEA somehow stole BSkyB's signing keys and the developer account password. If the signing keys were not compromised, the Play Store would not allow the apps to update. Depending on how this attack was executed, the implications could be quite considerable.

Any resolution would likely involve stopping use of the account, pulling the apps from the store entirely, and potentially force uninstalling them from users' devices.

Update #1 (5-26 at 12:30am Pacific): At the time of this update, all affected Sky apps have been removed from the Play Store.

Update #2 (5-26 at 11:00am Pacific): CNET reports (through contact with a Sky spokesperson) that BSkyB's Twitter feed was also compromised, and that the warning mentioned above did not come from BSkyB itself. The broadcaster assures readers "we will provide a further update when we have more information."

Now that we know BSkyB's Twitter account was also hacked, it is possible (if not likely) that the .apk files in the Play Store were not actually replaced after the developer account was compromised. After all, changing the app description and promo images would be much easier than obtaining the signing keys for the apps, and the only real evidence available that the .apks were altered came in the form of a tweet that we now know was fake.

Strangely, the tweets are still up at the time of writing, indicating that perhaps BSkyB doesn't have access to the account. If in fact the SEA's attack began with a service like – for example – BSkyB's email, compromising its Twitter account would be a snap.

Any definitive information on just how the attack was carried out (or when it will be resolved) remains to be seen, but we'll keep you updated.

Update #3 (5-28 at 9:29pm Pacific): BSkyB has apparently regained control of its Twitter account, sending out a series of tweets officially acknowledging the attack and updating users on the current situation.

Several of Sky’s Android apps have been temporarily removed from the Google play store after app pages were defaced early on Sunday morning.

— Sky Help Team (@SkyHelpTeam) May 28, 2013

We’re sorry for the inconvenience caused to Sky customers wanting to download our Android apps and are working hard to make these apps

— Sky Help Team (@SkyHelpTeam) May 28, 2013

available again as soon as possible. Sky Android apps that Sky customers have previously downloaded should continue to work as normal,

— Sky Help Team (@SkyHelpTeam) May 28, 2013

so there is no need for customers to remove these apps from their Android device.’

— Sky Help Team (@SkyHelpTeam) May 28, 2013

There's still no word on just when BSkyB will be able to re-release their apps, or how current users will be affected, though the company assures readers that previously downloaded apps will continue to work normally.

Thanks, Paul!